Yesterday I was doing maintenance on a Windows Small Business Server 2008, the Windows Update patches installed successfully and the restart button was pushed. And then the problems started.. Server rebooted and had problems starting several services such as Active Directory Domain Services, DNS, Exchange, Cetificates and several more. Trying to logon to the server with my Domain Admin credentials gave me this error message:
The same error message came when I tried to logon to other servers in the domain. So what does the trick to fix this?
1. Logon to the server with the local administrator username and password (hit “.\administrator”, in username field to force the logon with local admin)
2. when logged into the server, check that services that supposed to be started are started. — as you noted when you did the logon, you got into safe mode… strange? yes..
3. So, hit the “WIN + R” and type “MSCONFIG” 4. navigate to the “Boot” menu, and remove the “Safe boot – Boot options” hit Apply and restart your server.
5. Give the server some time to startup again and test the logon with an “domain admin” account Worked for me 🙂
Sometimes (not often i hope) you want to exclude updates for somehow that you are deploying to all your computers with System Center Configuration Manager 2012.
The excluding of Windows updates can be done with some few steps.
So this is how you do it:
1. Start with creating av “excluded updates” folder under “Software Library -> Software Updates -> All Software Updates”
2. Move updates that you want to exclude into this folder (right click and “move”)
3. Navigate to your moved updated and right click it then go to “Properties” and in the pane “Custom Severity” choose “Low”
4. Navigate to your “Automatic Deployment Rule” and edit your rule so that you only distribute updates that are marked as “None” in Custom Severity
With this the next time the ADR is running it will distribute only the updates that does not have any “Custom Severity” defined on them, all updates that are to be distributed every month comes with none custom severity and therefore you will not send out the one that you change severity of.
To list all mailboxes in one database and sort it by size, use this nice PowerShell line:
Get-MailboxStatistics -Database <DATABASENAME> | select DisplayName, ItemCount, TotalItemSize | Sort-Object TotalItemSize -Descending
If you want to export the list to an CSV file, put “| Export-CSV C:\MailBoxSize.CSV” at the end of the PowerShell line.
To check information about Out Of Office for mailbox users we can run an powershell “one liner” and get useful information.
The PS, Get-MailboxAutoReplyConfiguration “username” will show you this useful information:
- AutoReplyState (Disabled/Enabled)
- Start date (date and time)
- End date (date and time)
- External Message (in HTML format)
- Internal Message (in HTML format)
With this command you can easily change the message as wel!
Get-MailboxAutoReplyConfiguration julras | Set-MailboxAutoReplyConfiguration -ExternalMessage “Hi, I`m testing OOO” -InternalMessage “Hi, I`m testing OOO” -Autoreplystate Enabled
As you can see in my PS command i here GET the results of “julras” user and pipe it throug an SET command to change the External and internal message and then Enable the Out of Office for the user.
It is ONLY the domain controller holding the PDC role that should use external NTP. All the other domain controllers should sync with PDC domain controller. To find the server holding the PDC role run
On the domain controller holding the FSMO role you should configure NTP with this command
On the other domain controllers configure NTP with this command
On the servers in the domain you should configure NTP with this command
Servers outside the domnain should use this:
All the above configuration has to be followed by the command below to take effect
net stop w32time
net start w32time
If you wan’t to query a NTP source run this
If w32tm don’t exist as a service
Thnx to Henning Ims for this fantastic solution. 🙂
If you have DFS replication errors on one or more domain controllers, first find out witch domain controller that has the error.
log on to all your domain controllers and check the Event log -> Applications and Services Logs -> DFS Replication and look for Warnings.
In this example the domain controller had an dirty shutdown based on power failure.
If you find this one, the resolution is described in the event
1. first of all, take backup of your SYSVOL directory on all domain controllers (usually found under c:\windows\sysvol)
2. run the wmic command described in your event id in an elevated command prompt
3. the method should execute successful and the Return Value should be like 0;
When this is done, you should see an information event in event viewer:
An easy command for checking if there are any automatic rules on an Exchange Mailbox is to use PowerShell and Get-InboxRule, this commandlet will give you an output of all the rules and what the rule does with emails that`s arriving in the mailbox.
Example: Get-InboxRule -Mailbox “account” | Select Name, Description | fl